# RSSNSA

The RSS nice shim anonymizer

## Abstract

RSS is nice and stuff, but the readers are not "Tor aware" in the sense that they would use a new circuit for every fetch. 
A malicious exit could therefore analyse the destinations of one's requests and learn which 
RSS feeds somebody reads, thus aiding in deanonymisation. I conducted tests on most of the RSS readers that I 
could get hold of and that were not too much of a hassle to install.
All fetch through the same circuit or, even worse, outsource fetching to their servers (I noticed that the 
server I used for testing began eating HTTP GET based attacks seconds after giving my IP to one of those
outsourcing RSS readers. Very uncivilized, but of course I am thankful for this malware donation.)


![UNACCEPTABLE](https://newfastuff.com/wp-content/uploads/2019/04/1xabHyc.png)



I figured something needs to be done, and RSSNSA was born.

## Features

* Supports all (non shit) RSS Readers! (maybe)
* New circuit every fetch!
* Randomized fetching times!
* Spoofed user agent!
* Add onion support to your RSS reader of choice!

## Principle

For every RSS feed you want to fetch, a thread is created that wget's it and then waits either a fixed interval 
or a randomized one. After each fetch, an HTTP server serves the feed locally for your RSS reader to fetch.
That's all. Even if you pull multiple RSS feeds from one server, they get different circuits.
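
The loop described above, as an added example rather than the contents of `RSSNSA.py`: one thread per feed runs wget under `torsocks -i` (per-process SOCKS credentials, which Tor maps to separate circuits), and the jitter uses `randint` so that `interval=1` is still a valid range. The feed URL, user agent string, `feeds` directory and all function names are assumptions made for the example.

```python
import os
import random
import subprocess
import threading
import time
from functools import partial
from http.server import SimpleHTTPRequestHandler, ThreadingHTTPServer

FEEDS = {"example": "https://example.org/feed.xml"}  # constructed placeholder feed
USER_AGENT = "Mozilla/5.0 (X11; Linux x86_64; rv:115.0) Gecko/20100101 Firefox/115.0"

def fetch_command(url, dest):
    """wget under torsocks; -i gives each run its own SOCKS credentials."""
    return ["torsocks", "-i", "wget", "-q", f"--user-agent={USER_AGENT}", "-O", dest, url]

def next_delay(interval, randomize=True):
    """Seconds to sleep: fixed, or uniform in [interval/2, interval*3/2]."""
    if interval < 1:
        raise ValueError("interval must be at least 1 second")
    if not randomize:
        return interval
    # randint includes both ends, so interval=1 gives the valid range (1, 1)
    return random.randint(max(1, interval // 2), interval + interval // 2)

def feed_worker(name, url, interval, out_dir):
    """One thread per feed: fetch, swap the file in, sleep, repeat."""
    final = os.path.join(out_dir, name + ".xml")
    while True:
        try:
            if subprocess.run(fetch_command(url, final + ".part"), timeout=300).returncode == 0:
                os.replace(final + ".part", final)  # reader never sees a partial file
        except (OSError, subprocess.TimeoutExpired):
            pass  # Tor down or slow: keep serving the previous copy
        time.sleep(next_delay(interval))

def main(out_dir="feeds", port=8000, interval=3600):
    os.makedirs(out_dir, exist_ok=True)
    for name, url in FEEDS.items():
        args = (name, url, interval, out_dir)
        threading.Thread(target=feed_worker, args=args, daemon=True).start()
    handler = partial(SimpleHTTPRequestHandler, directory=out_dir)
    # Loopback only, so nothing else on the network can read the feed list
    ThreadingHTTPServer(("127.0.0.1", port), handler).serve_forever()

if __name__ == "__main__":
    main()
```

Serving from a dedicated directory matters here because `SimpleHTTPRequestHandler` exposes everything below the directory it is given.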

## Installation and Configuration

### Dependencies:

* Tor
* torsocks
* wget
* python3

### Installation

Install the dependencies:
```
sudo apt install python3 tor torsocks wget -y
```

Start Tor:
```
sudo systemctl start tor
```

Clone the repo somewhere:
```
git clone git@notabug.org:SuspiciousActions/RSSNSA.git
```

Create a `/lib/systemd/system/RSSNA.service`:
```
sudo nano /lib/systemd/system/RSSNA.service
```

With the following content:

```
[Unit]
Description=RSS nice shim anonymizer
After=multi-user.target
Conflicts=getty@tty1.service

[Service]
Type=simple
WorkingDirectory=/home/user/RSSNSA/
ExecStart=/usr/bin/python3 /home/user/RSSNSA/RSSNSA.py
StandardInput=tty-force
User=user

[Install]
WantedBy=multi-user.target
```

This assumes the following:
* Your username is `user`
* Your python3 lives in `/usr/bin/python3`
* Your RSSNSA lives in `/home/user/RSSNSA/`

After that you need to reload the daemons:

```
sudo systemctl daemon-reload
```

### Configuration

Open `RSSNSA.py` with your favorite text editor and add your RSS feeds. There are some examples. 
You might also want to change the user agent.

Go to your RSS reader and add your RSS feeds. If you do not change the defaults, the URL will be 
something like: `http://127.0.0.1:8000/YOURRSSNAME.xml`

### Usage

Starting:  
```
sudo systemctl start RSSNA
```

Stopping:
```
sudo systemctl stop RSSNA
```

Enabling at startup:
```
sudo systemctl enable RSSNA
```

## Troubleshooting  

You can use any browser you like to check whether the server works by opening `http://127.0.0.1:8000`.

If it does not, kill the service and check with `sudo netstat -na --program | grep 8000`. 
If there are lines ending with `TIME_WAIT`, then you have to WAIT TIME. Try this command again in 
a few minutes. If there is no output, try starting the service again. It should work.

If not, stop the service and run it with `python3 RSSNSA.py` to see if there is something that looks 
obviously broken.

Should it not work after a reboot, you could have forgotten to enable the Tor service.

## Known Bugs

When restarting, it will sometimes fail to launch the web server. You will have to wait a few minutes.

If you use randomization and set `interval=1`, `randomrange` will not be happy.

## Questions and Answers

**Is it any good?**  
I do not know. It's better than nothing. I guess?  

**Is this even bad?**  
Depending on the threat model it could be. I hope it is not, but using wget for fetching could create 
a distinct fingerprint on the server one fetches her RSS feeds from. For example, I noticed in testing 
that Akregator fetches the favicon first, but RSSNSA won't fetch it at all. With this information an 
adversarial RSS feed provider could distinguish RSSNSA from Akregator even with a spoofed user agent.
And whatever else is different. Dunno.
Most people mistrust the exits more than their favorite bloggers, so I think for this scenario RSSNSA gives 
one more anonymity.

**Is it audited?**  
Of course. My friendly cat gracefully audited it after I finished it at around 4 am. But she is not that 
proficient in Python, so maybe you should look at the code yourself. It is quite easy and short.

**Technically this is not a shim but a proxy!11!!**  
Yes. But RSSNPA does not sound as cool as RSSNSA.

**This is so complicated!**  
No.

**Is Windows supported?**  
lol No.
